Details of VAR-202006-1076

ID

VAR-202006-1076

CVE

CVE-2020-3209

TITLE

Cisco IOS XE Vulnerability related to digital signature verification in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-006205

DESCRIPTION

A vulnerability in software image verification in Cisco IOS XE Software could allow an unauthenticated, physical attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. The vulnerability is due to an improper check on the area of code that manages the verification of the digital signatures of system image files during the initial boot process. An attacker could exploit this vulnerability by loading unsigned software on an affected device. A successful exploit could allow the attacker to install and boot a malicious software image or execute unsigned binaries on the targeted device. Cisco IOS XE The software contains a digital signature verification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco IOS XE is an operating system developed by Cisco for its network equipment

Trust: 1.71

sources: NVD: CVE-2020-3209 // JVNDB: JVNDB-2020-006205 // VULHUB: VHN-181334

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.2ts	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.7s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.2sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1csp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1d	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.7ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.0sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.8sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.8s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.6as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.0sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.2ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.2ts	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.0ce	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.0sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.9e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.9sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.0sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.2sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.5ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.1cs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.4c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1bsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.2be	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.8sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.1sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.9s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.0se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1asp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.5e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.7sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.8sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.5sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1g	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2asp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1isp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.8s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.10e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.5sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.7sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.0bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.10s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.4e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.2se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.5b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.7be	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.5ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.3se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1hsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3bsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.8e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.1se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.5se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0cs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.3sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.6sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.7e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.6sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.8e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1d	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.4sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3h	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1d	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.6e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.2.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.8sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.12.1y	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.7a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.9s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.7sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.7s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.8as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.4se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.5sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4es	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.7as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.0ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.4e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.2.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.2sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.4as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.5sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.4e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1f	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.3sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.3as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.5be	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.7sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1xo	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.6e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.7e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.10s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.11sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.2xo	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.1sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.10s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.1gsp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.2sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.4sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4gs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.2as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.5e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.8	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.7s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.2as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.4sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.4sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.5b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.9s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.3asp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.6bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.11.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.7s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.2bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.5e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.1sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.9ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4cs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.7.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.6sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.3se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0xo	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.5as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.2se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.0be	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.3sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.1sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.8s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.8s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.18.0sp	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.6bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.10sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.6sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4bs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.10.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.9e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.4ds	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco ios xe	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-006205 // NVD: CVE-2020-3209

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3209
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3209
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-3209
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202006-356
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-181334
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-3209
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-181334
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2020-3209
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2020-3209
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-181334 // JVNDB: JVNDB-2020-006205 // CNNVD: CNNVD-202006-356 // NVD: CVE-2020-3209 // NVD: CVE-2020-3209

PROBLEMTYPE DATA

problemtype:	CWE-347	Trust: 1.1
problemtype:	Improper verification of digital signatures (CWE-347) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-181334 // JVNDB: JVNDB-2020-006205 // NVD: CVE-2020-3209

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-202006-356

PATCH

title:	cisco-sa-iosxe-digsig-bypass-FYQ3bmVq	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-digsig-bypass-FYQ3bmVq	Trust: 0.8
title:	Cisco IOS XE Repair measures for data forgery problem vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=120254	Trust: 0.6

sources: JVNDB: JVNDB-2020-006205 // CNNVD: CNNVD-202006-356

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3209	Trust: 3.3
db:	JVN	id:	JVNVU94803886	Trust: 0.8
db:	ICS CERT	id:	ICSA-22-300-03	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-006205	Trust: 0.8
db:	CNNVD	id:	CNNVD-202006-356	Trust: 0.7
db:	AUSCERT	id:	ESB-2022.5426	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1941	Trust: 0.6
db:	VULHUB	id:	VHN-181334	Trust: 0.1

sources: VULHUB: VHN-181334 // JVNDB: JVNDB-2020-006205 // CNNVD: CNNVD-202006-356 // NVD: CVE-2020-3209

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-iosxe-digsig-bypass-fyq3bmvq	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3209	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu94803886/index.html	Trust: 0.8
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-300-03	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-ios-xe-multiple-vulnerabilities-32421	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1941/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5426	Trust: 0.6

sources: VULHUB: VHN-181334 // JVNDB: JVNDB-2020-006205 // CNNVD: CNNVD-202006-356 // NVD: CVE-2020-3209

SOURCES

db:	VULHUB	id:	VHN-181334
db:	JVNDB	id:	JVNDB-2020-006205
db:	CNNVD	id:	CNNVD-202006-356
db:	NVD	id:	CVE-2020-3209

LAST UPDATE DATE

2024-08-14T13:24:27.985000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-181334	date:	2020-06-10T00:00:00
db:	JVNDB	id:	JVNDB-2020-006205	date:	2022-10-31T02:55:00
db:	CNNVD	id:	CNNVD-202006-356	date:	2022-10-28T00:00:00
db:	NVD	id:	CVE-2020-3209	date:	2020-06-10T15:09:12.227

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-181334	date:	2020-06-03T00:00:00
db:	JVNDB	id:	JVNDB-2020-006205	date:	2020-07-03T00:00:00
db:	CNNVD	id:	CNNVD-202006-356	date:	2020-06-03T00:00:00
db:	NVD	id:	CVE-2020-3209	date:	2020-06-03T18:15:18.933